We’ve fixed an issue that meant we weren’t storing some customers’ PINs correctly

Although knowledge of someone’s PIN could be enough to trick them into doing or disclosing something else.

And I presume Monzo engineers are able to change the email address associated with an account, which means they wouldn’t actually need access to my email account.

Still, I agree, it’s a low risk data breach :grinning:

Which email? The one that tells you “We’ve fixed an issue that meant we weren’t storing some customers’ PINs correctly.” or one that says “you’ve been affected”? I’ve received AN email with the subject ‘Please update your app and change your PIN’ which directs me to this blog. So, are some customers not being told about this at all because Monzo believe they weren’t affected? The whole thing is very confusing.

Hope you’re happy now.


Social engineering is the most likely fraud vector for anyone who works for a bank to defraud someone (and plausibly get away with it)

Monzo users are far too quick to accept issues as “it’s OK, they are the good guys”. A word springs to mind here but using it will end up getting the post blocked.


So is copy and paste if the data is just sitting there :slight_smile:

You missed the point in the email where the logs are encrypted.

In your posts you have demonstrated little knowledge of the problem. System logging is standard practice; it appears that in this instance sensitive data was logged to encrypted logs, which they have said shouldn’t have been.

The data has been removed and the code which logged this data has been removed.

I take comfort that they log stuff; if they didn’t, how would they investigate and suitably detect that fraudulent activity was happening on the accounts?

I think Monzo’s approach has been perfect: they admitted there was a problem, didn’t fluff things, and came clean with customers and regulators. As has been stated here, there is no legal obligation for them to do so, as it was an internal situation.

I am certain that all their staff are vetted and pass security checks, and that all access to records is logged.

Yes, it happened, and it shouldn’t have, but the response has been A*.
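The mistake described in the post above (an event logged with the PIN still inside it) and the fix (the field never reaching the log), as an added Python example that is not Monzo’s code and assumes hypothetical field names such as `pin` and `cvv`: the unsafe logging call beside a redaction filter that masks the field before a record reaches any handler or storage, plus a scanner that finds values already leaked into stored log lines, which is what an incident response would run over the existing logs.

```python
import io
import logging
import re

# Hypothetical field names a card service might carry (assumption, not Monzo's schema).
SENSITIVE_FIELDS = {"pin", "new_pin", "old_pin", "cvv", "pan"}
REDACTED = "[REDACTED]"

# key=value, key: value and 'key': 'value' forms of a sensitive field followed by digits.
_KV_RE = re.compile(
    r"(?i)\b(" + "|".join(sorted(SENSITIVE_FIELDS)) + r")\b([\"']?\s*[:=]\s*[\"']?)(\d{3,19})"
)


def redact_mapping(event: dict) -> dict:
    """Copy a structured event with sensitive fields masked (recurses into nested dicts)."""
    out = {}
    for key, value in event.items():
        if key.lower() in SENSITIVE_FIELDS:
            out[key] = REDACTED
        elif isinstance(value, dict):
            out[key] = redact_mapping(value)
        else:
            out[key] = value
    return out


def redact_text(message: str) -> str:
    """Mask sensitive values already rendered into free text (the safety net)."""
    return _KV_RE.sub(lambda m: m.group(1) + m.group(2) + REDACTED, message)


class RedactSensitiveFilter(logging.Filter):
    """Mask sensitive data before a record reaches any handler, file or log shipper."""

    def filter(self, record: logging.LogRecord) -> bool:
        if isinstance(record.args, dict):  # single-dict argument or %(key)s style
            record.args = redact_mapping(record.args)
        # Render the message now, scrub it, and drop args so nothing re-formats it later.
        record.msg = redact_text(record.getMessage())
        record.args = ()
        return True


def render_log_line(event: dict, *, redact: bool) -> str:
    """Log one event through an in-memory handler and return the line as it would be stored.

    redact=False reproduces the mistake: the whole event, PIN included, lands in the log.
    """
    logger = logging.Logger("card-service-demo")  # standalone, not attached to the root logger
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger.addHandler(handler)
    if redact:
        logger.addFilter(RedactSensitiveFilter())
    logger.info("card pin change event=%s", event)
    handler.flush()
    return stream.getvalue().strip()


def find_pin_leaks(lines):
    """Detection side: (line_index, field) for every sensitive value found in stored log lines."""
    return [(i, m.group(1).lower()) for i, line in enumerate(lines) for m in _KV_RE.finditer(line)]


# Constructed sample input for the demo (not real customer data).
SAMPLE_EVENT = {"customer_id": "c_123", "pin": "4821", "channel": "app"}
SAMPLE_LOG_LINES = [
    "INFO card pin change customer_id=c_123 pin=4821 channel=app",
    "INFO card pin change customer_id=c_124 pin=[REDACTED] channel=app",
    "INFO balance lookup customer_id=c_125 status=ok",
    "INFO 3ds challenge customer_id=c_126 cvv=913",
]

if __name__ == "__main__":
    print("unsafe:", render_log_line(SAMPLE_EVENT, redact=False))
    print("safe  :", render_log_line(SAMPLE_EVENT, redact=True))
    print("leaks :", find_pin_leaks(SAMPLE_LOG_LINES))
```

The structured redaction in `redact_mapping` is the part to rely on: it drops the field by name before formatting, so it does not depend on guessing how the value will look in text. The regex scrub and the scanner only catch values that fit the expected shape, which is why the field should never be placed in the event handed to the logger in the first place; encrypting the log file afterwards does not change what the people who can decrypt it will see.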


They were obviously decrypted for them to see the issue. It’s not encrypted to a point they can’t access it. What are you defending…?


Sensitive card data is not standard practice, Daniel! You never troubleshoot with live data; that’s why full encryption is used. If someone can decrypt it, then it defeats the whole point. Vetting has nothing to do with it.


To be fair, this is speculation; the engineer that found the issue may have just found the code that caused it first and found it that way, rather than finding the data in the logs first. Either way, though, I presume it is indeed decryptable, or else there wouldn’t have been an issue (I presume).

Someone wrote the code and deployed it in the production environment. If they didn’t realise the risk then it’s sad for them; if they did realise it and still deployed it then it’s sad for the cardholders.


What a weird discussion. Yes, encrypted data can be decrypted. If not, it’s not called encryption but losing information that cannot be recovered …
The only question is who can decrypt it and how it is audited.


I’d disagree with your post.
This shouldn’t have happened, and people can defend Monzo all they want, but the bottom line is that something clearly has gone wrong; otherwise they would not have reported themselves to the FCA, PRA and ICO.
I love Monzo and appreciate that they are open.
However on this the email is not clear - I have had family members contact me saying they are confused.
I’m not changing my PIN & if anything happens I would report the issue to FOS.


I think this is one of the big problems Monzo have going forward: people’s expectation is that companies only do the bare minimum they’re legally obliged to, rather than being proactive.

Maximum transparency is just a ticket to bad PR and constant criticism, which is why other companies just bury this stuff.


I wonder if one of the big banks did this and followed the exact same path Monzo has, would they still be as accepting and lenient as some of the posts here? :thinking:


It has got MSE attention

And FT


Remarkably not that bothered, and won’t change a pin which was already encrypted.

Probably has a lot to do with having a TSB joint account when they absolutely s**t the bed: we couldn’t access our account, and when we could, it took another week to find our actual balance.

Mistakes happen; it’s how you handle them and how you fix ’em. Monzo fronted up, and TSB didn’t.


I have read all of your posts in this thread and I think you need to provide more information ASAP. You have made some massively wild claims, so can we have some evidence? Firstly, you are claiming banks aren’t hashing passwords; can you name them please? I would be appalled if this was true and would be keen to avoid them. Next, you’ve said this stuff (and worse) happens regularly at other banks; can you be more specific please? Which banks and what incidents are you referring to?

Also, regarding this issue, you have said the PIN wasn’t viewable by a human; can you confirm that is correct? Because encrypting log files can be done with the intention of being able to decrypt them to view when incidents happen; otherwise there is no point in logging information you can’t view!

Also, depending on the circumstances, they would have had a legal duty to inform us about this (rather than just being transparent). You’ve claimed they didn’t need to here; can you state your knowledge of the law and your additional knowledge of the circumstances here? (I haven’t seen enough info provided to know either way.)

These are genuine questions and I’m NOT accusing you of making anything up, I’d just like more info to support your statements.


To anyone from Monzo: can you clarify here, was the PIN readable by a human (your technical engineers, to be precise)? I guess if anyone had hacked you, they would also have this information! (Chances are you wouldn’t be aware of this until it appears on the dark web!)

If the answer is no, then I don’t see this as a big deal.

My take is the PIN numbers were visible internally to software developers if they chose to look. It doesn’t necessarily mean they could be visible to the ordinary person within Monzo, as often access to database tables is restricted in the first place.

I don’t know about encryption as there are many different ways to employ encryption such as at data level or operating system level and it’s quite possible that some of these are transparent to the software developers.

That’s just my thoughts.